Package: procps
Version: 1:3.2.8-1
Severity: minor
File: /etc/sysctl.conf
Hi,
While reading ip-sysctl.txt in the kernel documentation[1], I noticed that
the icmp_echo_ignore_broadcasts setting is now 1 by default.
ip-sysctl.txt said:
icmp_echo_ignore_broadcasts - BOOLEAN
If set non-zero, then the kernel will ignore all ICMP ECHO and
TIMESTAMP requests sent to it via broadcast/multicast.
Default: 1
[1] http://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
According to the changelog[2], this changes seems to be committed in kernel
2.6.14.
commit 7ce312467edc270fcbd8a699efabb37ce1802b98
Author: David S. Miller <[email protected]>
Date: Mon Oct 3 16:07:30 2005 -0700
[IPV4]: Update icmp sysctl docs and disable broadcast ECHO/TIMESTAMP by
default
It's not a good idea to be smurf'able by default.
The few people who need this can turn it on.
[2] http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.14
The current /etc/sysctl.conf containing the following lines:
# Ignore ICMP broadcasts
#net.ipv4.icmp_echo_ignore_broadcasts = 1
I suggest to mention that it is now enabled by default.
Thanks,
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30-1-686 (SMP w/1 CPU core)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages procps depends on:
ii libc6 2.9-23 GNU C Library: Shared libraries
ii libncurses5 5.7+20090803-1 shared libraries for terminal hand
ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip
Versions of packages procps recommends:
ii psmisc 22.8-1 utilities that use the proc file s
procps suggests no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
